FEDERAL ELECTION COMMISSION OFFICE OF CHIEF INFORMATION OFFICER IT STRATEGIC PLAN 2020-2024
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
FEDERAL ELECTION COMMISSION
OFFICE OF CHIEF INFORMATION OFFICER
IT STRATEGIC PLAN
2020-2024FEC Information Technology Strategic Plan 2020-2024
EXECUTIVE SUMMARY
The IT Strategic Plan for the Federal Election Commission’s Office of the Chief Information Officer
(OCIO) covers the period from January 1, 2020 through September 30, 2024. The Plan focuses on
aligning IT activities with FEC objectives and the government-wide Digital Government Strategy
including IT modernization outlined for federal agencies by the Office of Management and Budget.
Across government and at the FEC, agencies are challenged to deliver and receive digital information and
services, anytime, anywhere and on any device. We must also do so safely, securely and with fewer
resources. Each year, the FEC has more data and information to store, manage, share and protect. Changes
in the way political committees raise and spend funds have resulted in a stark increase in the number of
transactions disclosed to the FEC each year. This ever-growing volume of campaign finance disclosure
data must be received, processed and made available to the public within the agency’s tight deadlines for
public disclosure, and must be safeguarded to ensure the integrity and accessibility of the information.
Rapidly evolving technologies also challenge us to constantly upgrade and change our tools and systems to
meet the public’s desire for data access. New technologies require new methods for ensuring the security
of our systems and the integrity and accessibility of our data.
Our challenge for the next several years is to position the FEC to meet the public’s evolving expectations
for access to digital data and tools by modernizing and streamlining our systems, processes and
infrastructure. Guided by the IT Objectives outlined in this Strategic Plan, the FEC will continue to make
improvements to meet the goals of the Digital Services Strategy to ensure that the agency continues to
meet its own mission, now and in the future.
In order to meet these increased demands and challenges, the modernization effort includes not only
improvements to the technology infrastructure but, just as important, changes in the way the FEC works.
Thus, strategic objectives included in this Plan focus on our efforts to modernize the skillset of OCIO staff
and to launch an outreach effort across the agency to introduce innovation and change culture as needed.
2FEC Information Technology Strategic Plan 2020-2024
MESSAGE FROM THE CIO – ALEC PALMER
I am pleased to present an update to the IT Strategic Plan for the Federal Election Commission which
illustrates the agency’s strategic vision and direction for technology initiatives while providing guidance to
agency decision makers as they make their investment decisions. Each year we make investments in
technology in order to support the vital programs and services that serve constituents efficiently and
effectively. These technology investments will also focus on providing our internal customers better tools
that will enable the FEC staff to better serve their stakeholders and customers.
As digital services have the potential to transform every aspect of government, it is important that those
investments be strategic and effective in delivering services and information with excellence. The way
political committees raise, spend and report their financial activity, and the way citizens expect to access
campaign data, has fundamentally changed over the past ten years. The FEC has kept pace with these
changes.
By making strategic investments in technology, government serves citizens in a manner that provides them
the convenience, access, choice and control over technology empowering their interactions with campaign
finance data. The goals and objectives identified in this IT Strategic Plan consider mobile and cloud
technologies first, and focus on modernizing our systems and practices to ensure we meet the public’s
expectations for information availability and customer service in the most efficient, effective and cost-
effective way.
This Plan continues to focus on securing the critical technology infrastructure as well as building up the
capacity and skill-level of the technology workforce. Finally, the Plan also highlights the continuing
efforts to ensure the successful continuation of current technology initiatives as the FEC seeks to receive,
process and make available an increasing volume of campaign finance information.
Over the past five years alone, the number of financial transactions disclosed to the agency has increased
nearly four-fold, from 80 million transactions received in FY 2014 to 270 million received in FY 2019. In
FY 2020 we are on track to receive over 600 million transactions. The work of OCIO to proactively
prepare for this massive increase in transaction while basically maintaining staffing and budget levels
demonstrates the IT modernization success thus far. This growth trend is expected to continue for the
foreseeable future. Working together, we can ensure the 21st century government is delivering results and
effectively serving its 21st century constituents.
3FEC Information Technology Strategic Plan 2020-2024
IT STRATEGIC PLAN OVERVIEW
Approach to Development
The Federal Election Commission Strategic Plan, and the Digital Government Strategy were used to guide
the development of this IT Strategic Plan. While our approach to IT modernization will rely on an agile,
user-centered model and prioritize transitioning our operations to a DevOps model, we’ve developed the
IT Objectives and strategies identified in this Plan through a traditional approach. The mission defines the
purpose and focus of the IT organization. IT objectives are defined by consideration of the FEC strategic
objectives and business strategy and activities. Each objective was created in support of a business goal
and designed to counter a weakness or threat, while taking advantage of our strengths and opportunities.
The objectives are followed by the supporting strategies and actions used to realize each FEC and IT
objective.
• MISSION
• - Who we are MISSION
• - What we do
• - 3 to 5 years
OBJECTIVES:
- What we want to accomplish STRATEGIC ACTIVITIES:
- Measurement - How to accomplish the goals
- Time associated - Simple statements
- 2 to 3 years Planning = Results
- Oriented to competition
- Do what we say we will do - 1 to 2 years
(If not, change it)
CRITICAL ISSUES
CRITICAL ISSUES:
- Show stoppers
- Short-term barriers to success
- Identify and control
- 6 months or less
- Contingencies
1 https://www.fec.gov/resources/cms-content/documents/FEC_Strategic_Plan_FY_2018-2022.pdf.
4FEC Information Technology Strategic Plan 2020-2024
ACHIEVING THE FEC’S MISSION
Mission drives organizations, and the need to deliver better services to customers continues to
push every level of government to look for new solutions. The FEC’s Office of the Chief
Information Officer is committed to ensuring that the FEC has IT systems, tools and resources in
place to meet the Commission’s mission to protect the integrity of the federal campaign finance
process by providing transparency and fairly enforcing and administering federal campaign
finance laws. Over the next five years, the OCIO will seek innovative solutions to meet IT
challenges arising from rapidly evolving technologies and a growing demand for the FEC’s
services, in support of the FEC’s mission.
The FEC has set as its strategic goal to fairly, efficiently and effectively administer and enforce
the Federal Election Campaign Act, promote compliance and engage and inform the public
about campaign finance data and rules, while maintaining a workforce that delivers results. This
goal is supported by four objectives outlined in the FEC’s Strategic Plan, FY 2018-2022.
FEC Objective 1: Engage and Inform the Public about Campaign Finance Data
The Federal Election Campaign Act requires accurate and comprehensive public disclosure
by federal candidates and political committees of all contributions and expenditures. In an
average fiscal year, the FEC receives campaign finance reports, statements and other
disclosure documents from more than 10,000 political committees and other filers. In FY
2017, the FEC received 82,136 campaign finance filings. Campaign finance reports filed
during the year disclosed 107.7 million financial transactions, which were included in the
FEC’s campaign finance database.
During FY 2018-2022, the Commission will facilitate transparency in the federal campaign
finance system through a state-of-the-art, web-based public disclosure system for all
campaign finance activity, ensuring that this vast quantity of campaign finance data is
available to the public quickly and in a manner that is easy for the general public to sort and
search. In addition to ensuring greater access to a larger quantity of campaign finance data,
the FEC will also promote public engagement, usability and greater understanding of
campaign finance data through targeted educational and communication initiatives.
FEC Objective 2: Promote Compliance with the FECA and Related Statutes
The Commission’s statutory obligation is to administer, interpret and enforce the FECA,
which serves the compelling governmental interest in deterring corruption and the
appearance of corruption in financing elections. In doing so, the Commission must remain
5FEC Information Technology Strategic Plan 2020-2024
mindful of the First Amendment’s guarantees of freedom of speech and association, and the
practical implication of its actions on the political process.
Public confidence in the political process depends not only on laws and regulations to assure
transparency and limits and prohibitions on the amounts and sources of contributions, but
also on the knowledge that those who disregard campaign finance regulations will face
consequences for non-compliance. In FY 2018-2022, the FEC will focus on administering
fair, effective and timely enforcement and compliance programs.
Complementing the FEC’s vigorous enforcement and compliance programs are the FEC’s
increased efforts to promote voluntary compliance. Because of the large and rising number
of political committees and the ever-growing number of financial disclosure reports filed
with the FEC, voluntary compliance is essential. Accordingly, the Commission will devote
significant resources in FY 2018-2022 to encourage voluntary compliance through the
widespread dissemination of educational materials related to campaign finance laws to the
public, the press, political committees and to state election officials.
FEC Objective 3: Interpret the FECA and Related Statutes
The Commission responds to questions about how the Act applies to specific situations by
issuing advisory opinions (AOs). In addition, Commission initiatives, Congressional action,
judicial decisions, petitions for rulemaking or other changes in campaign finance law often
necessitate that the Commission update or adopt new regulations. Consequently, the FEC
undertakes rulemakings either to write new Commission regulations or revise existing
regulations.
The Commission represents itself in litigation before the federal district and circuit courts
and before the Supreme Court with respect to cases involving publicly financed Presidential
candidates. It also has primary responsibility for defending the Act and Commission
regulations against court challenges. In addition, the FECA authorizes the Commission to
institute a civil action in enforcement matters that cannot be resolved through voluntary
conciliation.
Objective 4: Foster a Culture of High Performance
The Commission understands that its greatest resource is its employees. Organizational
performance is also significantly improved when internal management processes are
efficient and effective. The Commission will take steps outlined in this Plan to ensure that
the agency’s working environment promotes and supports the best efforts of its staff.
6FEC Information Technology Strategic Plan 2020-2024
Role of the Office of the Chief Information Officer
The OCIO consists of four units: (1) Enterprise Architecture; (2) Operational Support; (3) Data
Administration; and (4) IT Security. The OCIO provides secure, stable and robust technology solutions for
Commission staff and the public.
OCIO ensures agency employees have a technology infrastructure that allows them to perform their day-
to-day responsibilities administering and enforcing campaign finance law. OCIO also develops and
supports analytic reporting tools that help staff perform their disclosure and compliance duties.
In addition, OCIO develops and maintains the systems that serve as the public’s primary source of
information about campaign finance data and law. In this way, OCIO serves a pivotal role in ensuring the
FEC protects the integrity of the federal campaign finance process by ensuring that the public has access to
reliable data describing how candidates raise and spend funds to support their campaigns.
The OCIO bears the primary responsibility for pursuing the agency’s first strategic activity, as identified in
the FEC Strategic Plan: to ensure easy public access to both raw data and data summaries on the FEC
website and to communicate the availability of disclosure resources to the public. Thus, in addition to
supporting agency-wide information technology operations, OCIO places a special emphasis on ensuring
that campaign finance data and information is collected, maintained and made available to the public in a
manner that ensures the integrity and accessibility of that information.
7FEC Information Technology Strategic Plan 2020-2024
DIGITAL STRATEGY
The Digital Government Strategy challenges federal agencies to build a 21st century government that
works for the American people. The three primary goals of the strategy are to:
• Enable the public to access high-quality digital government information and services anywhere,
anytime and on any device.
• Ensure that government seizes the opportunity to procure and manage devices, applications and
data in smart, secure and affordable ways.
• Unlock the power of government data to spur innovation across the nation and improve the quality
of services for the American people.
The FEC has already taken important steps to develop the IT infrastructure necessary to support a 21st
century digital services model. The FEC’s vast store of campaign finance data is arguably our most
valuable and most durable asset. The agency currently maintains more than 40 years’ worth of detailed
data on campaign finance transactions collected over time and via an array of media, including letters,
paper forms and electronically filed documents.
Changes in the way political committees raise and spend funds have resulted in a stark increase in the
number of transactions disclosed to the FEC each election cycle. This ever-growing volume of campaign
finance disclosure data must be received, processed and made available to the public within the agency’s
tight deadlines for public disclosure, and must be safeguarded to ensure the integrity and accessibility of
the information. The chart below illustrates the exponential growth of data transactions the FEC needs to
process, store, search and display to support the FEC’s disclosure mission.
Growth in the number of transactions filed each election cycle since 1980.
8FEC Information Technology Strategic Plan 2020-2024
The FEC has taken a number of steps to ensure the agency continues to meet its disclosure mission. During
FY 2018, we completed the migration of the campaign finance database and the systems that support it
into a secure, scalable, cloud environment. This migration allowed the agency to shut down one of its four
physical data centers during FY 2018, thus reducing the agency’s physical datacenter footprint by 25
percent.
As we reflect back on the website project, it is important to note that it was the first step of the much larger
initiative of IT modernization. The entire undertaking had numerous collateral benefits from cloud
computing to addressing security requirements, combined with significant reduction in annualized legacy
expenses while allowing for exponential growth in data requirements. The agency also began to use agile
methodology and practices through the website initiative. This iterative process ensures that the website
team is able to respond quickly to arising issues, while constantly improving the website to incorporate
user feedback.
At the same time, the FEC has opened the agency’s campaign finance data for greater public use by
developing a library of application programming interfaces (APIs) and taken significant steps to make this
information portable by developing a campaign finance data interface that is fully mobile responsive. In
May 2017, the FEC launched a fully redesigned website that employs a comprehensive, robust and
deliberate approach to improving customer experience (CX).
Over the next few years, the FEC will continue work to meet the challenges of the Digital Government
Strategy by modernizing IT systems and programs, ensuring the security and availability of data,
improving customer experience and reshaping its workforce to meet future challenges.
9FEC Information Technology Strategic Plan 2020-2024
FEC INFORMATION TECHNOLOGY STRATEGIC OBJECTIVES
The FEC’s IT Strategic Plan outlines the steps to meet these challenges over the next four years by
implementing the goals of the Digital Services Strategy.
IT Objective 1: IT Modernization
GAO’s 2016 report, Federal Agencies Need to Address Aging Legacy Systems, found that
across government, federal agencies spend approximately 75 percent of their IT budgets to
operate and maintain legacy investments that are becoming increasingly obsolete. Less
than a quarter of federal IT spending is directed toward cloud computing and shared
services that according to GAO and OMB make IT more efficient and agile and enable
innovation. OMB specifically encourages agencies to implement cloud-based solutions
whenever a secure, reliable, cost-effective cloud option exists and to use shared services
for IT service delivery in order to increase return on investment, eliminate waste and
duplication and improve the effectiveness of IT solutions.
The FEC IT Strategic Plan 2016-2020 set out a strategy to modernize the FEC’s IT
systems and reduce costs associated with maintaining legacy systems by building a new
cloud-based website and shutting down associated legacy systems. With this work
completed, the OCIO will focus its efforts over the next four years on migrating additional
systems and data to the cloud, modernizing the eFiling platform, further reducing reliance
on legacy systems and leveraging Open Source software and platforms.
IT Objective 2: Security and Privacy
To support information sharing and collaboration, we must build in security, privacy and
data protection throughout the entire technology life cycle. We must also adopt new
solutions, such as continuous monitoring, identity and authentication and credential
management that support the shift from securing devices to securing the data itself and
ensuring that data is only shared with authorized users.
IT Objective 3: Customer Experience
The President has included in his management agenda a focus on managing customer
experience and improving service delivery. Customer experience (CX) refers to a
combination of factors that result from touchpoints between an individual, business or
organization and the federal government over the duration of an interaction and
relationship. These factors include ease/simplicity, efficiency/speed and equity/transparency
of the process, quality of the service itself and the helpfulness of service delivery
employees. Together, these factors can drive the overall satisfaction and confidence with
the program, agency and government at large.
10FEC Information Technology Strategic Plan 2020-2024
IT Objective 4: Workforce Reshaping
Over the next few years, we will be combining our IT modernization strategy with
workforce reshaping for OCIO. This is a collaborative process that will involve both
employees and supervisors as we work toward developing and instituting more meaningful
ways to measure our performance. We will work together with OPM’s HR Solutions to
optimize position management and the structure of the division, making sure that we
identify the needed skills for a position and then provide training and/or recruiting for that
set of skills.
In 2019 we partnered with HR Solutions to update position descriptions for our division.
Through this process we hope to more accurately reflect the job duties that each member of
our team is handling and, where warranted, examine opportunities for career ladder
development or competitive promotion where applicable. We’re also working with OPM to
develop performance standards to accurately measure and reflect our performance
throughout the year.
The OCIO has a critical responsibility to ensure the FEC can meet its mission, today and in
the future. Talent management will be a key element in order to ensure OCIO meets that
responsibility, and we will continue to rely on our partnership with HR Solutions as we
work to ensure that FEC OCIO’s structure and skillsets support the agency’s current and
future needs.
11FEC Information Technology Strategic Plan 2020-2024
STRATEGIES FOR IMPLEMENTATION
IT Objective 1: IT MODERNIZATION
Strategic Activity 1.1: Migrate appropriate systems and data to the cloud
The FEC is implementing a multi-phase plan to reduce reliance on physical servers and migrate
appropriate systems and data to a cloud environment. As recommended by the agency’s Cloud
migration study completed in FY 2017, and in conjunction with the redesign of the agency’s
website, the FEC successfully migrated its largest database, the campaign finance database, to a
cloud environment and shut down one physical data center during FY 2018. Cloud hosting offers
a number of benefits for the FEC’s campaign finance database and website. The agency’s
Internet traffic is variable, with many more visitors accessing the website during election years
and near reporting deadlines. In addition to website visitors, filers need to access the electronic
filing system and Commission staff need to access applications, including the website and
databases, to perform their day-to-day duties. With a cloud-hosted application and database
infrastructure, the FEC will only need to pay for the actual usage, rather than constantly
maintaining the capacity to support peak usage, even during periods of reduced usage. Website
downtime will be minimized and server maintenance will be managed by the cloud computing
provider.
The next major system to be migrated to the cloud will be the eFiling platform, as described in
Strategic Activity 1.2. Over the next five years the FEC will identify other assets that are
appropriate for cloud hosting and migrate from its physical servers into a cloud-hosted
environment. During FY 2020, the OCIO will partner with cloud architecture experts to
determine how best to migrate other appropriate systems and databases to the cloud, allowing the
agency to realize greater efficiency and performance in future years. The OCIO will focus on
implementing the results of this study during FY 2021 and in future years.
Strategic Activity 1.2: Implement new eFiling platform
The FEC’s eFiling system acts as the point of entry for submission of electronically filed
campaign finance reports, providing faster access to reports and streamlining operations. This
system provides for public disclosure of electronically filed reports, via the FEC website, within
minutes of being filed. During FY 2017, the Commission published a study of its current eFiling
platform, including a survey of the existing functionality of the FEC’s free filing software and an
in-depth investigation of needs expressed by filers. 1 Based on the recommendations revealed
through this evidence-based study, the FEC plans to improve its eFiling platform to allow greater
operating system flexibility for users when generating filings for submission to the Commission.
Improvements to the eFiling platform will also increase the consistency and accuracy of
1
Available at https:/www./fec.gov/about/reports-about-fec/agency-operations/e-filing-study-2016/.
12FEC Information Technology Strategic Plan 2020-2024
reporting. The FEC’s new eFiling platform is also expected to improve the process for validating
filings prior to acceptance and generate modern file outputs that will provide for more flexibility
in accessing data.
The modernization efforts will provide for seamless integration with the website. The FEC’s
modernized eFiling platform, which will be hosted in a cloud environment, will be administered
by existing FEC staff, reducing the number of contractors needed to support this system.
Strategic Activity 1.3: Reduce operating and maintenance expenses related to legacy
systems
In addition to large-scale modernization initiatives to migrate the campaign finance database to a
cloud environment and improve the FEC’s eFiling system, the FEC will begin work to
incrementally reduce reliance on legacy systems. Moving to a cloud-hosted model provides the
Commission opportunities to continue to reduce its dependency on costly legacy systems,
including mission-critical systems affecting both internal and external users, consistent with the
recommendations of the Government Accountability Office’s May 2016 report, Federal
Agencies Need to Address Aging Legacy Systems. For example, planned improvements to the
eFiling system, which was designed in the mid-1990s, will provide an opportunity to migrate the
eFiling data center to a cloud environment, reducing costs for the support and maintenance of the
legacy eFiling physical data center.
Over the next five years the FEC will take steps to modernize, or replace where applicable,
legacy applications such as review modules, the disclosure suites, the case management system,
Enterprise Content Management, and internal support systems such as those systems that support
the FEC’s Office of Human Resources.
Over the next five years, the FEC will take measures where applicable to continue migrating and
modernizing the remaining legacy applications. Continuing to migrate legacy applications to the
cloud will reduce both operating expenses and capital expense, and will enable the OCIO to react
faster to the needs of business while driving greater operational efficiencies and innovation.
Strategic Activity 1.4: Implement Open Source Software
The FEC is committed to using Open Source Software (OSS) wherever it best meets the
needs and mission of the agency and in compliance with the FEC’s Open Source Policy. The
FEC is also committed to developing our work in Open Source Code and publishing publicly
all source code created or modified by FEC, whether developed in-house, by government
staffs or through contracts negotiated by FEC.
There are several positive aspects of OSS that should compel FEC to seek out OSS:
• Security - Publicly available source code enables continuous and broad peer review
that ensures rigorous security and reliability. Specifically, this process encourages the
identification and elimination of defects that might otherwise go unrecognized by a
more limited core development team.
13FEC Information Technology Strategic Plan 2020-2024
• Vendor Neutrality - Using OSS instead of proprietary software may reduce reliance
on a particular software developer or vendor. OSS can be operated and maintained by
multiple vendors, thus reducing barriers to entry and exit.
• Cost Saving - Open source licenses allow FEC to reuse existing OSS-based products
to satisfy new needs quickly and secure substantial cost savings for the agency. OSS
can provide a cost advantage in situations where many copies of the software may be
required, and can mitigate risk of cost growth due to licensing in situations where the
total number of users may not be known in advance. By sharing the responsibility for
maintenance of OSS with other users, FEC can benefit by reducing the total cost of
ownership for software.
• Innovation - OSS is particularly suitable for rapid prototyping and experimentation,
where the ability to "test drive" the software with minimal costs and administrative
delays can be important. Rapid prototyping with OSS enable innovation and creativity in
the agency.
• Reusability - Developing agency’s work in Open Source Code and publishing the code in
the public domain creates economic value by lowering the cost of replicating similar
work by other agencies or state and city governments or by allowing the private sector to
build off of and create new businesses around open source code developed by FEC.
Strategic Activity 1.5: Partner with other federal agencies
The FEC is committed to achieving organizational excellence in its operations and administrative
functions. With increased focus on the FEC's primary missions, OCIO continues to explore
avenues for maintaining operational efficiencies at a reasonable cost. The Federal Shared
Services program supported by OMB, CIO Council and GSA's Office of Government Wide
Policy offers this opportunity. Currently, the FEC partners with USDA as a provider for payroll
and financial management. OCIO will analyze current services, develop a roadmap for
implementing additional services and assess agency readiness for an expansion of shared
services. In expanding its federal shared services portfolio, the FEC will consider services that
achieve the following goals:
• Reduce data duplication across business units;
• Ease the adoption of new government-wide requirements;
• Enhance the continuity of service for administrative functions;
• Reduce the infrastructure "data center" footprint;
• Improve business processes and data standards;
• Increase access to information for decision makers; and
• Share the cost of providing technology in a secure environment.
14FEC Information Technology Strategic Plan 2020-2024
IT Objective 2: SECURITY AND PRIVACY
Strategic Activity 2.1: Adopt the NIST Cyber Security Framework (CSF)
FEC has recognized that perfect security is not feasible; it is a continuing process of detecting
risks, process improvements and hardening defenses. For that reason, the benchmark of the
FEC’s approach to cybersecurity has always been practicability and continuous improvement.
Our cybersecurity strategy outlines an approach of securing our infrastructure and preventing
intrusions through a holistic cybersecurity program led by the Chief Information Security Officer
(CISO). The strategy implements leading practices for a comprehensive cybersecurity from the
National Institute for Standards and Technology’s (NIST) Cyber Security Framework (CSF) and
industries’ best practices.
The CSF functions provide a common language regarding cybersecurity issues that can help
facilitate important discussions between different organizations. Therefore, adopting the NIST
CSF will encourage effective collaboration and communication with FEC leadership and partner
agencies and industries. FEC’s cybersecurity strategy strives to mature the five functions of the
NIST CSF:
Identify: This function seeks to develop our deep understanding to manage cybersecurity
risks to systems, assets, data and capabilities. The projects in this function are
foundational for effective use of the framework. Understanding the business context, the
resources that support critical functions and the related cybersecurity risks will enable the
OCIO to focus and prioritize our efforts. This action will be consistent with the
organization’s risk management action plans and business objectives.
Protect: This function seeks to help the team develop and implement the appropriate
safeguards to ensure delivery of critical infrastructure services. This function supports the
ability to limit or contain the impact of a potential cybersecurity event.
Detect: This function seeks to develop and implement the appropriate activities to
identify the occurrence of a cybersecurity event. This will enable the OCIO to timely
discover a cybersecurity event.
Respond: This function seeks to develop and implement the appropriate activities to take
action regarding a detected cybersecurity event. The respond function supports the ability
to contain the impact of a potential cybersecurity event.
Recover: This function seeks to develop and implement the appropriate activities to
maintain plans for resilience and to restore any capabilities or services that were impaired
due to a cybersecurity event. The recover function supports timely recovery to normal
operations to reduce the impact from a cybersecurity event.
15FEC Information Technology Strategic Plan 2020-2024
Strategic Activity 2.2: Robust security architecture
The goal of the OCIO is to define a robust, innovative and holistic security architecture that
mitigates modern threats. In partnership with the Department of Homeland Security (DHS),
Massachusetts Institute of Technology (MIT) and the Pacific Northwest National Laboratory, the
OCIO will collaborate with FEC stakeholders and technical experts to identify, protect, detect,
respond to and recover from the impact of known and unknown potential threats. We will
continuously assess security controls and address the remaining residual risks.
Through a rigorous assessment and authorization methods and programs such as the federal
Continuous Diagnostics and Mitigation (CDM) program and Cyber.gov, the OCIO will continue
to mature its cybersecurity program and security architecture to safeguard FEC’s infrastructure,
networks and applications against cyber threats and malicious activities.
Following the NIST guidelines and considering the Commission’s own prioritization and
resources, the first wave of projects primarily focuses on the “Protect” function to hinder threat
actors from gaining access to the FEC’s IT assets and data. The initial project includes
strengthening our perimeter defenses using Software Defined Perimeter (SDP) and protecting
our users from inadvertently infecting their systems by using a robust end-point security solution.
SDP will ensure that anyone attempting to access the FEC infrastructure is authenticated and
authorized at the perimeter prior to being able to access any resources on the network. Finally,
the FEC will seek to implement the most advanced endpoint security solution to combat zero-day
attacks, enabling users to click on virtually anything without risk of compromise.
Strategic Activity 2.3: Leverage cloud first initiative for security, accessibility and
recoverability
The OCIO will strive to achieve the right balance between security, agility and transparency.
Leveraging cloud computing allows FEC to take advantage of cost savings and cloud service
providers’ significant resources dedicated to maintaining the highest level of security. Hosting
our information, data and systems in the cloud will provide a platform of security and privacy,
allowing the FEC to better leverage government and industries best practices. Adopting a cloud
first initiative will ultimately result in the consolidation and the modernization of all FEC’s
application and systems. The OCIO will leverage cloud service providers for their robust disaster
recovery solutions, reducing the FEC’s overall cost while eliminating the need to maintain
physical disaster recover sites.
Strategic Activity 2.4: Build a cybersecurity culture
For this comprehensive cybersecurity strategy to be successful, the OCIO will partner with
federal agencies and industry leaders to leverage best practices for our IT workforce. The first
line of defense in maintaining the protection and integrity of the agency’s network is the ongoing
education of employees about their role in identifying and preventing malicious activities. The
OCIO’s main target will be recruiting and training talent with cybersecurity expertise. In April
2019, the FEC entered into a partnership with the Partnership for Public Service to participate in
16FEC Information Technology Strategic Plan 2020-2024
the Cybersecurity Talent Initiative. This selective, cross-sector program, which provides loan
forgiveness to top bachelors and masters graduates around the United States in exchange for at
least two-years’ service at a federal agency, addresses the immediate cybersecurity talent
deficiency faced by federal government agencies by attracting service-minded individuals to
government who might not otherwise have applied.
17FEC Information Technology Strategic Plan 2020-2024
IT Objective 3: CUSTOMER EXPERIENCE
Strategic Activity 3.1: Focus FEC website and other digital services on improving customer
experience
Over the next five years, OCIO will work to develop its core CX functions, including:
• Defining internal measurements for website CX performance, including service-level
metrics such as wait times and usage statistics available through the Digital Analytics
Program (DAP).
• Improving governance by aligning CX strategy and activities with business decisions,
initiatives and investments within the agency’s broader mission and strategic priorities.
• Acquiring and developing the talent required to incorporate and improve CX within
agency activities and empowering all OCIO employees to adopt a CX mindset through
training and performance measurement.
• Partnering with business owners and subject matter experts to better understand intra-
agency customer journeys.
• Expanding the use of the FEC’s agile development model for service design to ensure a
customer-centric approach, including user-centered design, open source development and
agile development.
18FEC Information Technology Strategic Plan 2020-2024
IT Objective 4: WORKFORCE RESHAPING
Strategic Activity 4.1: Train, restructure and better align IT workforce to IT modernization
Building and sustaining a workforce with relevant IT skills to support IT modernization requires an
investment in ongoing training to nurture the talent necessary to deliver tomorrow’s technology. The
OCIO will conduct a Workforce Skills Assessment to determine the skills gap of IT staff and expand its
training programs to give experienced staff opportunities to learn new skills while reaching out to new
staff with training and educational opportunities that pave the way to a fulfilling career at the agency.
OCIO’s managers and team leaders will work with staff to develop tailored individual development plans
and establish a mentorship and career development program to provide career guidance and create
opportunities for staff.
Strategic Activity 4.2: Formalize IT policies and procedures for portfolio management
OCIO will establish and employ streamlined IT policy and governance processes that align IT solutions
with user expectations and the agency's mission requirements. Through formalizing IT policy and
governance, we will align the IT strategy with the agency’s business strategy to ensure IT investments
deliver value for the agency. We will improve the management of IT activities and provide oversight of
IT programs and acquisitions by establishing processes, milestones, portfolio management, project
management and reporting for IT resources. The result will be quality service delivery, cost control of
these services and increased visibility and transparency.
Strategic Activity 4.3: Talent management
We will develop and implement an effective talent management plan that identifies essential and specific
core competencies needed to support IT Modernization. The agency faces the constant challenge to
recruit and retain high-caliber IT professionals whose skills reflect current technology. To attract, engage
and retain a highly skilled IT workforce, OCIO will continue to seek the best-qualified candidates and
promote career goals across the IT workforce. OCIO works in partnership with the Office of Human
Resources to review and update position descriptions and develop and implement the performance
standards.
During 2019, the OCIO also partnered with HR Solutions to identify opportunities for enhancing or
adjusting the OCIO’s existing organizational structure and functions to align with the future of FEC
technology infrastructure. HR Solutions facilitated exercises and group discussions that focused on the
OCIO’s culture, mission and organizational structure. During 2020, the OCIO will use the results from
these exercises and discussions to help determine:
• What skills and training OCIO staff will need to support a modernized IT infrastructure;
• How to improve communication, leadership and teamwork and team culture to create an effective
agile environment; and
• How best to partner with business units and the public to ensure the OCIO successfully meets the
needs of end users.
19FEC Information Technology Strategic Plan 2020-2024
Strategic Activity 4.4: Develop Innovation Center
Consistent with its commitment to fostering the talents and skills of its employees and providing
excellent service to the public, the Commission has launched a cross-functional group within the agency
to develop and implement user-centered, evidence-based design solutions for achieving the agency’s
mission efficiently and effectively. The team will leverage technological advancements to improve the
delivery of mission critical functions. This team will improve organizational decision making and be
tasked with harnessing the creativity and ideas of agency employees, and emerging technologies, to
restructure systems, tools and processes, while building a 21st century IT infrastructure to better serve the
American public.
IT Strategic Plan Governance
This IT Strategic Plan is a living document which will be reviewed annually and modified to reflect
progress and updates, including changes in alignment with FEC objectives and to the business strategy.
CRITICAL FACTOR INFLUENCING SUCCESS
In order to achieve success in our strategic plan we will need to have resources and funding approved by
the Commission. These resources will include not only systems and tools, but also workforce support. In
order to meet the IT modernization objectives identified in this Plan, OCIO staff will need the skillsets,
training and environment necessary to adopt new processes and practices to support a modern IT
infrastructure.
20You can also read
